HomeResourcesArticlesWhat Is A Do Not Track (DNT) Disclosure, And Do You Need One For Your Privacy Policy?

What Is A Do Not Track (DNT) Disclosure, And Do You Need One For Your Privacy Policy?

October 31, 2017 | By Zachary Paruch

Many digital marketers consider tracking user browser history a key strategy to understanding consumer behavior. With this information, they can target users with specific advertising based on their recent search history.

Consumers, however, usually don’t appreciate this kind of data collection. For reasons of personal privacy or a desire to limit the kind of advertising they see as they browse the web, many choose to enable what is commonly referred to as the “Do Not Track” (DNT) option in their browsers before surfing.

The DNT option is a feature of all major browsers that run on desktop and mobile devices, except for iOS, where only Safari has this feature. When enabled, websites are informed by a DNT Signal that an individual has requested that his or her history not be tracked. Websites are under no obligation to comply with this request, but should disclose whether or not they choose to do so.

1. What Is a Do Not Track Disclosure?

A DNT disclosure is a paragraph included in a website’s privacy policy that notifies users whether or not the website complies with a user’s request for track-free browsing. Again, it should be stressed that under current state and federal legislation, websites do not have to comply with a user’s DNT response; they merely have to inform users whether they respond to the request or not.

Examples of websites with DNT disclosures

Charles Schwab: The Charles Schwab investment firm states within its disclosure that its websites do not comply with DNT requests because there is no accepted standard of how to respond to DNT signals and no agreed-upon definition of “tracking.”

Charles Schwab admits to engaging in “online behavioral advertising,” including retargeting ads, but reassures users that the information it collects identifies browsers and not individuals.

LinkedIn: LinkedIn also does not respond to DNT signals. Like Charles Schwab, the professional networking platform points to the lack of an industry standard for DNT response.

The site’s disclosure takes pains to explain that it does not use personally identifiable information in its execution of advertising policies, an added step to reassure users since LinkedIn contains volumes of user-submitted personal information.

2. Does Your Privacy Policy Need a DNT Disclosure?

If residents of California access your website, you must have a DNT disclosure in order to comply with the law. The state’s attorney general has a lengthy policy document that offers guidelines about how to develop an online privacy policy, including provisions that address “do not track” requests.

The California law is only one example of legislation that is either pending or under consideration by lawmakers at the state, federal or international level. Increasingly, consumers are aware of the amount of data they divulge by going online and want greater assurances that their information is protected.

In addition, any business that wants to maintain trust with its customers should be open about how it uses personal data. The Federal Trade Commission mandates that companies honor any promises made in a posted privacy policy. When that policy includes a DNT disclosure, consumers can take it as a sign that the company is aboveboard in how it chooses to do business.

3. Applicable Laws For DNT Disclosures

To give you a clear understanding of the legal landscape regarding DNT disclosures, we’ve provided all current state and Federal legislation pertaining to them below:

The Federal Communication Commission

In late 2015, the Federal Communications Commission denied a request from a consumer watchdog group that would have made compliance with do-not-track requests mandatory. The FCC stated it would not step in to regulate internet service providers, claiming this technology doesn’t fall under its purview.

To ensure that you’re compliant with CalOPPA, you should place a clear and conspicuous hyperlink within your privacy policy to your Do Not Track Disclosure so that you demonstrate transparency with your users.

4. Future Developments

The history of legislative attempts to enforce consumer DNT requests goes back to 2010, when the amount of data tracked by websites first became widely known. As recently as December 2015, a federal bill was introduced into the U.S. Senate to give consumers greater control over the use of their browsing information.

Although not yet law, the federal bill is an indication that authorities are attempting to prioritize consumer privacy online. U.S. regulators are also watching the situation closely.

In April 2017, the EU Working Party on data protection recommended a number of protections with regards to consumer data, including a prohibition on “take it or leave it” websites that do not allow consumer access without agreeing to allow for information tracking. While it does not explicitly mention DNT signals, the report indicates that this kind of data collection is also on the radar of EU authorities.

As a business, it’s wiser to err on the side of transparency and full disclosure. Many sites are dependent on retargeted advertising as a source of revenue and value the information they gather from tracking user history. In order to comply with the law, especially as regulators seem more willing to mandate privacy protection and safeguard user trust, it simply makes sense to reveal website activity.

Written by
Zachary Paruch

Zachary Paruch is a product manager and legal analyst at Termly, where he helps to develop legal policy software for small businesses.
He has been featured in the HuffPost, CMS Wire, AllBusiness.com, Ecwid, Simple Programmer, Credit Karma, and many, many more.

Products

Support

Disclaimer: Termly LLC is not a lawyer or a law firm and does not engage in the practice of law or provide legal advice or legal representation. All information, software, services, and comments provided on the site are for informational and self-help purposes only and are not intended to be a substitute for professional legal advice. Use of this site is subject to our Terms of Use.